VP, Security Architect

  • Sector: LMA Asia Technology
  • Contact: Sugam Bordoloi
  • Location: Singapore
  • Salary: S$200000.00 - S$240000.00 per annum
  • Expiry Date: 24 July 2023
  • Job Ref: BBBH419822_1684981175

VP, Security Architect (Perm Role)

About the Company:

Our client is a multinational bank with operations in consumer, corporate and institutional banking, and treasury services.

Role Responsibilities

  • Become a trusted advisor and subject matter expert (SME) on security architecture. provide deep architectural expertise on complex cloud and on-premises projects,
  • Deliver workable risk/threat-driven solutions with cost/benefit analysis.
  • Communicate with both technical and non-technical stakeholders, provide guidance on proper architectural patterns. Identify and mitigate anti-patterns, redundancies, and duplications.
  • Perform gap analysis for specific domains, identify gaps in existing capabilities, service maturity.
  • Identify missing cybersecurity and cyber-resilience capabilities in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions also including topics such as product's convergence over time and products decommissioning.
  • Define and manage architecture artefacts including reference architecture documents, blueprints, technical and non-technical security requirements aligned to the corresponding strategic road map.
  • Aligns architecture principles with our cybersecurity strategy, ensures alignment to road maps, cyber security, and resiliency standards as well as to our architectural framework.
  • Responsible for security architectural design, realisation of the architecture in the solution implementation road map.
  • Analyse market trends and threat landscape, provide meaningful insights, opportunities, and risks.
  • Represent the architecture group in key internal service architecture governance forums.
  • Work closely with your pears in the security architecture group, service and solution architects, engineers, project teams.

Our Ideal Candidate

  • Bachelor's degree in engineering, computer science, preferably majoring in cybersecurity.
  • 3 and more years of experience in security architecture roles, leading complex architectural projects with multiple stakeholders, utilising various security tools/technologies.
  • 2-3 years hands-on experience (coding in Java, JS, Python) ideally full stack development.
  • Proven threat modelling experience using STRIDE/MITRE/OWASP and/or other threat modelling methodologies for complex systems (ideally MITRE ATT&CK Defenders (MAD) Certified).
  • 1-2 years of experience in networking architecture and/or networking security architecture and/or AWS networking specialty certified / Cisco CCNP Security / etc.
  • Deep technical skills with good understanding in cross-functional technologies (IAM, data protection, threat management, vuln management, etc.) ability to dive into technical engineering details.
  • Experience in offensive tactics, techniques, and procedures (TTPs), pen-testing / hacking background or (OSCP, CEH master) certified.
  • Excellent communication skills, ability to explain complex topics to both technical and non- technical audiences. Proven ability to influence relevant stakeholders and decision makers.
  • Excellent organisational skills, ability to manage deadlines and effectively prioritise multiple projects.

Role-Specific Technical Competencies

  • Experience working in security architecture/engineering roles for financial institutes.
  • Relevant cybersecurity certifications (AWS/Google/Microsoft Certified Security specialist, architect, GDSA, SANS GIAC, CISSP-ISSAP).
  • AWS solutions architect professional certified and 3 years of experience in AWS environment or 5 hands-on years equivalent experience in AWS solution architecture.
  • In-depth understanding of threat-attack methodologies (STRIDE, DREAD, OWASP, Attack trees, MITRE ATT&CK, etc.) and corresponding mitigations in an enterprise environment.
  • Experience with cybersecurity frameworks e.g., NIST cybersecurity framework, NIST 800- 53v5, NIST 800-37, ISO 27xxx, etc.
  • Knowledge of offensive tactics, techniques, and procedures (TTPs), ideally completed training and/or certifications (OSCP, CEH, Pentest+, etc.)

If you are interested to apply, then please forward your updated CV to Sugam.bordoloi@lmarecruitment.asia

If you know someone else who may be interested in a new opportunity, please pass their information along, or forward their contact information. We have numerous opportunities in several fields and would love to help you or someone you know find the right fit!

Company Reg No.: 201131609D, Licence No.: 11C4684